JavaProNewshttp://www.javapronews.com
Just another DevWebPro Network siteTue, 17 Mar 2015 13:42:49 +0000en-UShourly1http://wordpress.org/?v=4.1.1Java Training Tips, Tools and Resourceshttp://www.javapronews.com/java-training-tips-tools-and-resources/
http://www.javapronews.com/java-training-tips-tools-and-resources/#commentsTue, 17 Mar 2015 13:42:49 +0000http://www.javapronews.com/?p=6707Would be coders, hackers, mashup artists and others are honing their coding skills, many of them brushing up on Java and Java Script. A number of free toolkits, guides, white papers and other learning aids are available to take advantage of including the following: Java 8 Features: With no doubts, …

]]>Would be coders, hackers, mashup artists and others are honing their coding skills, many of them brushing up on Java and Java Script. A number of free toolkits, guides, white papers and other learning aids are available to take advantage of including the following:

Java 8 Features: With no doubts, Java 8 release is the greatest thing in the Java world since Java 5 (released quite a while ago, back in 2004). It brings tons of new features to the Java as a language, its compiler, libraries, tools and the JVM (Java virtual machine) itself. In this guide we are going to take a look at all these changes and demonstrate the different usage scenarios on real examples

Building Web Apps with Node.js:
With this book, you will get introduced to Node.js. You will learn how to install, configure and run the server and how to load various modules. Additionally, you will build a sample application from scratch and also get your hands dirty with Node.js command line programming.

Up and Running with Java Applications:The course also covers publishing applets in a web browser, working with XML data, and creating apps for Android devices. Exercise files accompany the course.

Java Essential Training:
The course demonstrates how to install both Java and the Eclipse IDE and dives into the particulars of programming. The course also explains the fundamentals of Java, from creating simple variables, assigning values, and declaring methods to working with strings, arrays, and subclasses; reading and writing to text files; and implementing object oriented programming concepts. Exercise files are included with the course.Bulletproof Java Code:
A Practical Strategy for Developing Functional, Reliable, and Secure Java Code: To combat this enemy, your team might already perform functional testing. Even so, you’re taking significant risks if you have not yet implemented a comprehensive team-wide quality management strategy. Such a strategy alleviates reliability, security, and performance problems to ensure that your code is free of functionality errors.

]]>http://www.javapronews.com/java-training-tips-tools-and-resources/feed/0Cloud Dataflow SDK for Java Goes Open Sourcehttp://www.javapronews.com/cloud-dataflow-sdk-java-goes-open-source/
http://www.javapronews.com/cloud-dataflow-sdk-java-goes-open-source/#commentsWed, 07 Jan 2015 14:12:28 +0000http://www.javapronews.com/?p=6704Google announced the open sourcing of its Cloud Dataflow SDK for Java in a move it says will make it easier for developers to integrate its managed service while forming the basis for porting Cloud Dataflow to other languages and execution environments. Google first unveiled Cloud Dataflow back in June. …

]]>Google announced the open sourcing of its Cloud Dataflow SDK for Java in a move it says will make it easier for developers to integrate its managed service while forming the basis for porting Cloud Dataflow to other languages and execution environments.

Google first unveiled Cloud Dataflow back in June.

“We created Cloud Dataflow, which is now currently an alpha release, as a platform to democratize large scale data processing by enabling easier and more scalable access to data for data scientists, data analysts and data-centric developers,” says Google software engineer Sam McVeety. “Regardless of role or goal – users can discover meaningful results from their data via simple and intuitive programing concepts, without the extra noise from managing distributed systems.”

“We’ve learned a lot about how to turn data into intelligence as the original FlumeJava programming models (basis for Cloud Dataflow) have continued to evolve internally at Google,” McVeety says.

Google says it’s open sourcing it so developers can “spur innovation in combining stream and batch based processing models,” adapt the Dataflow programming model to other languages, and execute Dataflow on other service environments.

]]>http://www.javapronews.com/cloud-dataflow-sdk-java-goes-open-source/feed/0Internet Explorer Java-Blocking Feature Gets Postponedhttp://www.javapronews.com/internet-explorer-java-blocking-feature-gets-postponed/
http://www.javapronews.com/internet-explorer-java-blocking-feature-gets-postponed/#commentsTue, 19 Aug 2014 13:12:13 +0000http://www.javapronews.com/?p=6701Microsoft recently posted to its Internet Explorer blog that it would begin blocking out-of-date ActiveX controls as part of its “ongoing commitment to delivering a more secure browser”. It then updated the blog to announce that it had postponed it until September 9th. According to a recent Microsoft Security Intelligence report, Java …

]]>Microsoft recently posted to its Internet Explorer blog that it would begin blocking out-of-date ActiveX controls as part of its “ongoing commitment to delivering a more secure browser”. It then updated the blog to announce that it had postponed it until September 9th.

According to a recent Microsoft Security Intelligence report, Java exploits represented 84.6% to 98.5% of exploit kit-related detections every month of last year. The company says while such vulnerabilities may have been fixed in recent versions, not all users will know to upgrade, so an update to IE will include a new security feature called out-of-date ActiveX control blocking.

The feature lets users know when IE prevents a web page from loading common, but outdated, ActiveX controls and interact with other parts of the page that aren’t affected by them. It also lets you update the outdated control and inventory the ActiveX controls your organization is using.

“Based on customer feedback, we have decided to wait thirty days before blocking any out-of-date ActiveX controls,” Microsoft said in an update to the blog post. “Customers can use the new logging feature to assess ActiveX controls in their environment and deploy Group Policies to enforce blocking, turn off blocking ActiveX controls for specific domains, or turn off the feature entirely depending on their needs. The feature and related Group Policies will still be available on August 12, but no out-of-date ActiveX controls will be blocked until Tuesday, September 9th. Microsoft will continue to create a more secure browser, and we encourage all customers to upgrade and stay up-to-date with the latest Internet Explorer and updates.”

Next month, only out-of-date Oracle Java ActiveX controls will be affected, and all others will continue their existing behavior. The feature will only prompt the user when an out-of-date version of Java is loaded as an ActiveX control.

“Installing the most current version of the Java runtime significantly improves user security,” Microsoft says.

Read the post (linked above) for more details on all of this. You may also want to check out this post on keeping Oracle Java updated.

“ColdFusion 11 along with ColdFusion Builder 3 gives you a unique end-to-end workflow for mobile application development addressing the challenges associated with building, testing, debugging and deploying enterprise class mobile applications – both web based as well as installed mobile apps,”said Adobe’s Rakshith Naresh. “While there are a range of enhancements made to the language, some of the features that can be called out are full CFSCRIPT support, support for Member Functions and JSON enhancements.”

“ColdFusion 11 now leverages a new engine for HTML to PDF conversion that does an almost perfect job of converting most HTML/CSS to its corresponding PDFs pixel-to-pixel. Along with the new engine, CFPDF has additional functionality to support digital signatures and archiving PDFs,’ added Naresh. “ColdFusion 11 has a built-in mechanism to prevent access of Administrator or its components from external access. ColdFusion 11 has additional built-in functions to prevent XSS, thus allowing concurrent logins through CFLOGIN. ColdFusion also supports mail encryption through CFMAIL.”

ColdFusion 11 Standard and ColdFusion 11 Enterprise are bundled with ColdFusion Builder 3. With standard, you get one Builder 3 license, and with Enterprise, you get three.

Last month, a Java update was released (Java 7 Update 55), which contained critical security fixes. Adobe makes it a point to note that ColdFusion 11 (as well as 10 and 9) have been certified on the update. Naresh had this to say:

For ColdFusion 11, all attempts were made to include this update as part of the final CF11 installers though this was very close to our launch date. We ran into an issue with the installer with a third-party platform used by ColdFusion, on Java 7 Update 55. We have escalated this issue with the vendor and are working with them for a fix. For now, the Java version bundled with the final installers of ColdFusion 11 is Java 7 Update 51.

But we fully understand the importance of Java 7 Update 55 and want to assure the ColdFusion community that we are committed to fixing this issue. We are also planning to replace all the ColdFusion 11 installers to include Java 7 Update 55 as soon as we are able to obtain a fix from the vendor.

That was in late April, when they also promised an update “within the next few weeks” offering Linux support for the new PDF engine.

]]>http://www.javapronews.com/latest-coldfusion-version-certified-for-critical-java-update/feed/0Programming Language Job Trends Part 1 – February 2014http://www.javapronews.com/programming-language-job-trends-part-1-february-2014/
http://www.javapronews.com/programming-language-job-trends-part-1-february-2014/#commentsTue, 25 Feb 2014 14:33:07 +0000http://www.javapronews.com/?p=6694Yes, it is job trends time again! I am changing the list of languages a bit because I wanted to start including more languages. So, we are now up to 3 different posts just for languages. In Part 1, we look at Java, C++, C#, Objective C, and Visual Basic. …

]]>Yes, it is job trends time again! I am changing the list of languages a bit because I wanted to start including more languages. So, we are now up to 3 different posts just for languages. In Part 1, we look at Java, C++, C#, Objective C, and Visual Basic. I have decided to drop the “Traditional” label as most languages are used in various different scenarios, and traditional vs web was just a bad representation. Part 2 (PHP, Python, JavaScript, Ruby, and PERL) and Part 3 (Erlang, Groovy, Scala, Lisp, and Clojure) will be posted in the next few days as well.
First, we look at the job trends from Indeed.com:

So, you can see that much of this graph has a very negative trend over the past two years. Java has obviously been in a fairly steady decline since 2012. C++ and C# are now following the same trend, which is heading downward as well. Oddly, Visual Basic has stayed constant. Objective C was rising into 2013 but has a slight decline towards the end of the year. I am surprised by the Java decline given the rise of the Android platform, but I am guessing that the job postings are talking more about Android itself than Java. The fact that Objective C is not rising is somewhat surprising but likely has to do with the breadth of the industry. There are probably more jobs and iOS development maintains a certain percentage of them.

SimplyHired’s data continues to be somewhat outdated, at over 6 months old, so we are not really looking at current trends. Most of the trends look flat for the last six months with a slight uptick in July or August. Overall, the trends do not really tell us much of interest in the short term. I will continue to review the SimplyHired data to ensure it provides value, but if it continues to lag too much, it may not be useful.

Objective C has been dominating the relative growth for a few years now, but you can see that it started to decline a bit in 2013. It is difficult for an established language to continue 500% growth for several years, but the Objective C growth may finally be slowing down. Only C# is showing positive growth, although it is minimal. Visual Basic, Java and C++ are all showing negative trends at the end of 2013.

So, this pack of languages have seen some tougher times of late. Part of this is likely due to the rise of mobile development, but the trends could be changing as developers start to use more alternative languages like Scala or Clojure. Mobile development does not seem to be affecting the overall job trends even though it is the primary driver of growth in this area. Stay tuned for Part 2 and Part 3 of this series in the next few days to see if those languages are seeing similar trends.

]]>http://www.javapronews.com/programming-language-job-trends-part-1-february-2014/feed/0Java 8 Will Be Released In Marchhttp://www.javapronews.com/java-8-will-be-released-in-march/
http://www.javapronews.com/java-8-will-be-released-in-march/#commentsTue, 21 Jan 2014 15:26:19 +0000http://www.javapronews.com/?p=6691As Oracle continues to improve the Java Development Kit, the company has stated that it will not be pushing back the release of Java SE 8. The update is still on schedule for its March 18 release date. The final Java 8 release candidate should be available starting on January …

]]>As Oracle continues to improve the Java Development Kit, the company has stated that it will not be pushing back the release of Java SE 8. The update is still on schedule for its March 18 release date. The final Java 8 release candidate should be available starting on January 23.
Despite Oracle crunching to get Java 8 in shape for the scheduled deadline, the update will still ship with known bugs that coders will not be able to fix before launch. The company is referring to them as non-showstopper bugs and says that it will be delaying fixes on them to ensure Java 8 hits its March release deadline.

Java 8 was originally scheduled to launch during September 2013, but was delayed due to the numerous java security vulnerabilities uncovered over the past year. Oracle has since stated that it is in the process of fixing decade-old security problems introduced into Java before the company even purchased Sun Microsystems.

Java 8 will bring numerous features to Java, many of which were originally scheduled to be implemented in Java 7. The largest change will be support for closures (lambda expressions) under “Project Lambda.” Other changes include “Project Coin” implementation that did not make it into Java 7, annotations on Java Types, and a Date and Time API. “Project Nashorn” will also be coming with Java 8, though “Project Jigsaw” has been delayed to Java 9, meaning that modularization will not be coming to have until the scheduled Java SE 9 release in 2016.

]]>http://www.javapronews.com/java-8-will-be-released-in-march/feed/0Geek Reading November 12, 2013http://www.javapronews.com/geek-reading-november-12-2013/
http://www.javapronews.com/geek-reading-november-12-2013/#commentsTue, 12 Nov 2013 14:27:35 +0000http://www.javapronews.com/?p=6689I have talked about human filters and my plan for digital curation. These items are the fruits of those ideas, the items I deemed worthy from my daily reading. These items are a combination of tech business news, development news and programming tools and techniques. You will note that some …

]]>I have talked about human filters and my plan for digital curation. These items are the fruits of those ideas, the items I deemed worthy from my daily reading. These items are a combination of tech business news, development news and programming tools and techniques. You will note that some of the formatting has changed, and that is due to the change in my process. Formatting, and the information presented, is likely to change a bit as I develop my new process.

]]>http://www.javapronews.com/geek-reading-november-12-2013/feed/0Java Security Improving According To Oraclehttp://www.javapronews.com/java-security-improving-according-to-oracle/
http://www.javapronews.com/java-security-improving-according-to-oracle/#commentsTue, 01 Oct 2013 13:50:43 +0000http://www.javapronews.com/?p=6687Java became somewhat of a punching bag in the security researcher community earlier this year after numerous vulnerabilities were found in the software. After what must have been an embarrassing few months, Oracle announced in June that it would make Java security a priority going forward. So, how’s that working …

]]>Java became somewhat of a punching bag in the security researcher community earlier this year after numerous vulnerabilitieswere foundin the software. After what must have been an embarrassing few months, Oracle announced in June that it would make Java security a priority going forward. So, how’s that working out for them?InfoWorld reports that Oracle officials spoke on Java security in late September at the JavaOne technical conference in San Francisco. They said that the main problem with Java security is that most of the vulnerabilities existed long before Oracle purchased Sun Microsystems, and that they’re having to go back and fix decade old problems. It also didn’t help that Java, when under the care of Sun, didn’t receive the kind of security support or funding that Oracle is now pumping into it.

Of course, the blame can’t fall all on Sun. Oracle’s Vice President of Cloud Applications and Java EE, Cameron Purdy, said that some of the blame falls on Oracle for not building a Java security team fast enough after his company acquired Java in 2010.

Sun and Oracle may have made some mistakes in keeping Java secure, but the blame for poor Java security ultimately falls on users. Oracle notes that it’s putting out security updates, but it’s up to the user to update to the latest version of Java. If they don’t upgrade, it’s not Oracle’s fault if a hacker uses an exploit to take over their machine.

With its renewed focus on security, Oracle seems to have gained the favor of developers. One such developer told InfoWorld that Oracle had made a lot of progress over the past year in the field. That progress came in the form of Oracle announcing that it would put out four annual security fixes for Java instead of three. It will also work to release emergency updates whenever a zero-day exploit rears its ugly head.

]]>http://www.javapronews.com/java-security-improving-according-to-oracle/feed/0Programing Language Job Trends For August 2013http://www.javapronews.com/programing-language-job-trends-for-august-2013/
http://www.javapronews.com/programing-language-job-trends-for-august-2013/#commentsFri, 23 Aug 2013 13:14:37 +0000http://www.javapronews.com/?p=6682It is August, so that means it is time to review the job trends. First we look at the traditional programming languages, which includes Java, C++, C#, Objective C, Perl and Visual Basic. I have not decided how to change this yet, but hopefully soon I will get the change …

]]>It is August, so that means it is time to review the job trends. First we look at the traditional programming languages, which includes Java, C++, C#, Objective C, Perl and Visual Basic. I have not decided how to change this yet, but hopefully soon I will get the change to mix things up a bit. As always, please review some of the other job trends posts to see if your favorite language is already in one of these posts.
First, we look at the job trends from Indeed.com:

Over the past few years, the trends are fairly flat if not slightly declining. Some of this could be related to industry using more languages outside of this traditional core. More overall language analysis would definitely give us more information on that. As you can see, Java has showed some gains in 2013 after a drop in 2012. C++ and C# have really started to follow the same trends over the past 18 months, which is flat for 2013. Perl has been in slight decline for a few years, but has maintained demand in 2013. Visual Basic continues to stick around, but doesn’t show any real growth.

SimplyHired’s trends continue to be fairly flat, with a slight decline towards the end of last year. SimplyHired’s data is now over 6 months old, so it is difficult to a good idea of current trends. One odd trend is the jump for Visual Basic at the end of 2012. Otherwise, most of the trends are very similar.

Objective-C growth jumped again after a drop at the beginning of this year. C# growth is definitely in decline over the past two years. Most of the languages seem to flatten during 2013, which is similar to the overall demand trends as well. C++ looks to be in true decline as the growth trend is now below zero. Perl, Visual Basic and Java are all hovering at 0% growth.

So, most traditional languages have flat-lined during 2013. This basically means that the typical enterprise development is not growing but it is a stable mature market. Obviously, mobile development is continuing to grow with the Objective-C trends, but that mobile growth is not really reflected in the Java trends. What do we do now? First, we keep an eye on these trends and we start comparing these with the trends for languages like JavaScript, Python and Ruby. In addition, we have to track the mobile trends to see how they are affecting language growth as well.

]]>http://www.javapronews.com/programing-language-job-trends-for-august-2013/feed/0Java’s Security WIll Be A Priority Going Forward For Oraclehttp://www.javapronews.com/javas-security-will-be-a-priority-going-forward-for-oracle/
http://www.javapronews.com/javas-security-will-be-a-priority-going-forward-for-oracle/#commentsMon, 01 Jul 2013 14:08:02 +0000http://www.javapronews.com/?p=6680To say Java is vulnerable to exploits would be the understatement of the year. In the first two months of 2013, the software was hit with three zero-day exploits. Oracle eventually fixed all of these exploits, but Oracle should have worked harder to make it more secure in the first …

]]>To say Java is vulnerable to exploits would be the understatement of the year. In the first two months of 2013, the software was hit with three zero-day exploits. Oracle eventually fixed all of these exploits, but Oracle should have worked harder to make it more secure in the first place. In a better late than never move, the software maker will be doing just that.Oracle announced in a blog post that it will align Java with its Critical Patch Update schedule in October of this year. In other words, Oracle will release four annual security fixes for Java instead of the three it releases now. For zero-days and other sudden exploits, Oracle will “retain the ability to issue emergency “out of band” security fixes.”

The above is part of a larger push to move Java into the Oracle Software Security Assurance program. The hope is that this will help prevent “the introduction of new vulnerabilities in the Java code base.” Oracle says that its developers will use more automated security testing tools alongside new analysis tools that will find certain types of vulnerabilities.

For consumers running Java on their browsers, Oracle will be introducing three changes into how it interacts with the browser:

(1) The security model for signed applets was changed. Previously, signing applets was only used to request increased application privileges. With this update, signing applets establishes identity of the signer, but does not necessarily grant additional privileges. As a result, it is now possible to run signed applets without allowing them to run outside the sandbox, and users can prevent the execution of any applets if they are not signed.

(2) The default plug-in security settings were changed to further discourage the execution of unsigned or self-signed applets. This change is likely to impact most Java users, and Oracle urges organizations whose sites currently contain unsigned Java Applets to sign those Applets according to the documented recommendations. Note, however, that users and administrators will be able to specifically opt out of this setting and choose a less secure deployment mode to allow for the execution of unsigned applets. In the near future, by default, Java will no longer allow the execution of self-signed or unsigned code.

(3) While Java provides the ability to check the validity of signed certificates through Certificate Revocation Lists (CRLs) or Online Certificate Status Protocol (OCSP) calls before the execution of signed applets, the feature is not enabled by default because of a potential negative performance impact. Oracle is making improvements to standardized revocation services to enable them by default in a future release. In the interim, we have improved our static blacklisting to a dynamic blacklisting mechanism including daily updates for both blacklisted jar files and certificates.

On a final note, Oracle will also be increasing security for Java on servers to increase enterprise consumer trust in its services. The software maker points out that Java on servers is rarely affected by exploits, but it wants to take a better safe than sorry approach to the matter. It will do this by introducing what it calls Server JRE – a new Java distribution that removes vulnerable plugins. It will also work towards removing certain code libraries that are unnecessary for server distributions of Java.

All of the above makes it sound like Oracle is taking Java security very seriously. Of course, words and actions are two different things so we’ll have to see how Oracle reacts to emerging threats later this year when it implements its new security policies.